Releases: pixee/codemodder-java
v0.98.9
Added path traversal remediation (#493)
The scope of this is limited for a first introduction, since path traversal will be a tricky one to generalize more. This change introduces a remediator that will sanitize PT flows that start with an obvious source of taint that is intended to be a filename -- multipart file names.
v0.98.8
Fixed redundant Sonar part of codemod ids (#492)
v0.98.7
Honor new combined Sonar flag (#489) https://github.com/pixee/codemodder-specs/pull/43
v0.98.6
Deprioritize log injection (#487)
This way, it runs "after" other codemods, and higher-priority fixes will be merged first in a conflict.
v0.98.5
Add several Sonar hotspot mappings (#486)
v0.98.4
Fix more shapes of `log-injection` (#485)
This change fixes more shapes of log injection vulnerabilities, and bumps the toolkit version to guarantee safety when passing non-`String` types to `stripAll`.
v0.98.3
New rules, first implemented in CodeQL (#483)
This change introduces new remediation logic for weak crypto algorithms and log injection, two unexciting vulnerability classes for different reasons, but which, for completeness, should be present.
v0.98.2
Changed default XML parser to Woodstox (#482)
Changes the default StAX parser to Woodstox. This will allow us to be more in control of the parser's behavior. Also, it's a bit faster than Java's default one.
v0.98.1
Add ability to remediate other XSS code shapes (#481)
Took logic specific to Semgrep and generalized it.
v0.98.0
Add tests and more stable behavior when seeing Maven failure (#476)